[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Symlink attack vulnerability in auto-saving

From: Davis Herring
Subject: Re: Symlink attack vulnerability in auto-saving
Date: Mon, 10 Sep 2007 12:38:18 -0700 (PDT)
User-agent: SquirrelMail/1.4.8-6.el3.2lanl

> Following the recent discussion about symlinks and race-conditions in
> the thread "creating backups in temporary directories", I may have
> discovered a more severe vulnerability in auto-saving of files.  If a
> file foobar exists, Emacs will write auto-save data to #foobar# and
> follow symlinks.  That's rather bad if foobar is in a world-writable
> directory. :-(

Just to put the message on all threads, in case it's deemed the correct
answer, O_EXCL can work here, too, with the same trick of renaming an old
(non-malicious) auto-save file to reduce the amount of time that no useful
auto-save data is on disk.


This product is sold by volume, not by mass.  If it appears too dense or
too sparse, it is because mass-energy conversion has occurred during

reply via email to

[Prev in Thread] Current Thread [Next in Thread]